Commit 85608fe3 authored by Philip Cunningham's avatar Philip Cunningham

Add traits for dast_site_profile_secret_variable

- Adds password and request_headers traits
parent 9bc09614
......@@ -6,5 +6,13 @@ FactoryBot.define do
sequence(:key) { |n| "VARIABLE_#{n}" }
raw_value { 'VARIABLE_VALUE' }
trait :password do
key { Dast::SiteProfileSecretVariable::PASSWORD }
end
trait :request_headers do
key { Dast::SiteProfileSecretVariable::REQUEST_HEADERS }
end
end
end
......@@ -106,8 +106,8 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
end
context 'when secret variables already exist' do
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::PASSWORD, dast_site_profile: dast_site_profile) }
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
context 'when the arguments are omitted' do
subject do
......
......@@ -58,7 +58,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfileAuth'] do
context 'when there an associated secret variable' do
it 'is redacted' do
create(:dast_site_profile_secret_variable, dast_site_profile: object, key: Dast::SiteProfileSecretVariable::PASSWORD)
create(:dast_site_profile_secret_variable, :password, dast_site_profile: object)
expect(resolve_field(:password, object, current_user: user)).to eq('••••••••')
end
......
......@@ -75,7 +75,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfile'] do
context 'when there an associated secret variable' do
it 'is redacted' do
create(:dast_site_profile_secret_variable, dast_site_profile: object, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS)
create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: object)
expect(resolve_field(:request_headers, object, current_user: user)).to eq('••••••••')
end
......
......@@ -122,7 +122,7 @@ RSpec.describe Ci::Build do
let_it_be(:user) { create(:user, developer_projects: [project]) }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let_it_be(:dast_site_profile_secret_variable) { create(:dast_site_profile_secret_variable, key: 'DAST_PASSWORD_BASE64', dast_site_profile: dast_site_profile) }
let_it_be(:dast_site_profile_secret_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
let_it_be(:options) { { dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name } } }
before do
......
......@@ -97,8 +97,8 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
context 'record exists' do
before do
create(:dast_site_profile_secret_variable, dast_site_profile: dast_site_profile, key: Dast::SiteProfileSecretVariable::PASSWORD)
create(:dast_site_profile_secret_variable, dast_site_profile: dast_site_profile, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS)
create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile)
create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile)
end
it 'includes a serialized dast_profile in the response body' do
......
......@@ -8,8 +8,8 @@ RSpec.describe AppSec::Dast::SiteProfiles::UpdateService do
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_site_profile_id) { dast_site_profile.id }
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::PASSWORD, dast_site_profile: dast_site_profile) }
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
let_it_be(:new_profile_name) { SecureRandom.hex }
let_it_be(:new_target_url) { generate(:url) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment